More phishing email using PDF attachments seen in UD inboxes

More phishing scams using PDF attachments have been appearing in UD inboxes this morning. Today’s messages arrive as email with one of these subject lines:

Payslip Notification

Invoice Payment.

Both appear to come from a UD person’s email account; one uses “UD Alert” as the sender’s display name, the other uses “University of Delaware.” Both include a brief message urging you to open an attached PDF file, and in both attachments is a link to a malicious site that the scammer wants you to click, claiming you have an important “Dropbox” document to retrieve.

By now, we hope you know the drill:

Don’t open unexpected attachments.

If you think there’s a chance the email and attachment are legitimate, call the alleged sender using a published phone number (not one taken from the email itself) before you even think about opening the attachment.

But the question remains, why are we seeing an increase in this particular kind of phishing attempt?

Universities, hospitals, email services (e.g., Yahoo!, Google) and other large organizations face constant phishing attacks from hackers trying to steal usernames and passwords. Those stolen accounts are then used to launch further phishing attacks, send spam, or perform other malicious acts. Your best defense against having your account hacked is to turn on two-factor authentication (2FA)–a.k.a. “multi-step” or “two-step” verification. That way, if a hacker has stolen your password, they still cannot sign in without the extra one-time security code that 2FA provides. One caveat: a phishing page can ask for that code too and pass it along, so the code only protects you if you never enter it on a site you reached from an email link.

Email anti-spam detection is getting better. Filters now routinely inspect the links in the body of a message, so more phishing emails that carry a link to a malicious site in the body are being kept out of people’s inboxes. So the hackers are using a new tactic–putting the link to the malicious site inside an attached PDF instead, where a filter has to open and parse the attachment to see it. The automated filtering used by most email services has not yet caught up to this trick. Therefore, we caution you to be especially wary of PDF attachments that seem a trifle shady — and whose main goal is to get you to click a link.
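As an added illustration (this is example code written for this page, not the UD notice’s own tooling), here is a small Python script that does what a mail filter would have to do to catch this trick: pull the link targets out of a PDF attachment and compare each host against the service the lure names. The sample PDF, the dropbox.com allowlist and the hostnames in it are constructed for the example.

```python
import re
from urllib.parse import urlparse

# Constructed sample attachment (not a real phish): a minimal, uncompressed PDF
# with two /Link annotations. Object 5 mimics the lure the notice describes, a
# "Dropbox document" link whose real host is somewhere else; object 6 is a
# genuine-looking dropbox.com link for contrast. The escaped parentheses in
# object 5 exercise the PDF string decoder.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Annots [5 0 R 6 0 R] >> endobj
5 0 obj << /Type /Annot /Subtype /Link /Rect [72 690 400 712]
   /A << /S /URI /URI (http://dropbox-document.example.net/retrieve\\(1\\)) >> >> endobj
6 0 obj << /Type /Annot /Subtype /Link /Rect [72 650 400 672]
   /A << /S /URI /URI (https://www.dropbox.com/s/abc123/report.pdf) >> >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# /URI followed by either a literal string (...) or a hex string <...>.
# The literal branch steps over backslash escapes so an escaped ")" does not
# end the match early.
_URI_RE = re.compile(rb"/URI\s*(?:\(((?:\\.|[^\\)])*)\)|<([0-9A-Fa-f\s]*)>)")

_ESCAPES = {ord("n"): 0x0A, ord("r"): 0x0D, ord("t"): 0x09, ord("b"): 0x08, ord("f"): 0x0C}


def decode_pdf_literal(raw: bytes) -> str:
    """Undo the escape sequences allowed inside a PDF literal string."""
    out = bytearray()
    i = 0
    while i < len(raw):
        c = raw[i]
        if c == 0x5C and i + 1 < len(raw):            # backslash escape
            nxt = raw[i + 1]
            if 0x30 <= nxt <= 0x37:                     # \ddd octal, up to three digits
                j = i + 1
                while j < len(raw) and j < i + 4 and 0x30 <= raw[j] <= 0x37:
                    j += 1
                out.append(int(raw[i + 1:j], 8) & 0xFF)
                i = j
                continue
            if nxt in (0x0A, 0x0D):                     # backslash-newline is a continuation
                i += 2
                continue
            out.append(_ESCAPES.get(nxt, nxt))          # \n \r \t \b \f, or \( \) \\ -> the char
            i += 2
            continue
        out.append(c)
        i += 1
    return out.decode("latin-1")


def extract_uris(pdf_bytes: bytes) -> list[str]:
    """Return every /URI action target found in uncompressed PDF objects, in order."""
    uris = []
    for literal, hexstr in _URI_RE.findall(pdf_bytes):
        if hexstr:
            h = re.sub(rb"\s+", b"", hexstr).decode("ascii")
            if len(h) % 2:                              # PDF treats a missing final digit as 0
                h += "0"
            uris.append(bytes.fromhex(h).decode("latin-1"))
        else:
            uris.append(decode_pdf_literal(literal))
    return uris


def assess_link(uri: str, trusted_domains=("dropbox.com",)) -> dict:
    """Decide whether a link plausibly belongs to the service the lure names.

    trusted_domains is an assumed allowlist for this example: the domains a
    genuine "Dropbox document" link should live under.
    """
    parts = urlparse(uri)
    host = (parts.hostname or "").lower()
    under_trusted = any(host == d or host.endswith("." + d) for d in trusted_domains)
    brand_words = [d.split(".")[0] for d in trusted_domains]
    if parts.scheme not in ("http", "https") or not host:
        reason = "not an ordinary web link"
    elif under_trusted:
        reason = "host is under a trusted domain" if parts.scheme == "https" else "trusted domain over plain http"
    elif any(w in host for w in brand_words):
        reason = "brand name in hostname but not the real domain"
    else:
        reason = "unexpected host"
    suspicious = not under_trusted or parts.scheme != "https"
    return {"uri": uri, "host": host, "suspicious": suspicious, "reason": reason}


def scan_pdf(pdf_bytes: bytes, trusted_domains=("dropbox.com",)) -> list[dict]:
    """Extract and assess every link target in a PDF attachment."""
    return [assess_link(u, trusted_domains) for u in extract_uris(pdf_bytes)]


if __name__ == "__main__":
    for finding in scan_pdf(SAMPLE_PDF):
        flag = "SUSPICIOUS" if finding["suspicious"] else "ok"
        print(f"{flag:10} {finding['uri']}  ({finding['reason']})")
```

The regex pass only sees links in uncompressed objects; many real PDFs pack their dictionaries into compressed object streams, so a gateway check has to inflate those first (a PDF library does that) before the same logic applies, and it says nothing about links launched from embedded JavaScript or form-submit actions. The point it does make is the one in the paragraph above: the link is there in the file for any filter that bothers to open it.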

Sign up for 2FA at UD, at other email services, at Amazon, at your bank–wherever you can. And above all,